Index: openacs-4/packages/xowiki/catalog/xowiki.en_US.ISO-8859-1.xml =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/xowiki/catalog/xowiki.en_US.ISO-8859-1.xml,v diff -u -r1.26 -r1.27 --- openacs-4/packages/xowiki/catalog/xowiki.en_US.ISO-8859-1.xml 26 Jul 2007 00:30:31 -0000 1.26 +++ openacs-4/packages/xowiki/catalog/xowiki.en_US.ISO-8859-1.xml 26 Jul 2007 10:40:34 -0000 1.27 @@ -66,6 +66,7 @@ Published References to this Page: Revisions + %errorMsg% Search View more... Index: openacs-4/packages/xowiki/tcl/form-field-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/xowiki/tcl/form-field-procs.tcl,v diff -u -r1.29 -r1.30 --- openacs-4/packages/xowiki/tcl/form-field-procs.tcl 25 Jul 2007 23:59:23 -0000 1.29 +++ openacs-4/packages/xowiki/tcl/form-field-procs.tcl 26 Jul 2007 10:40:34 -0000 1.30 @@ -61,7 +61,6 @@ my instvar label return [_ acs-templating.Element_is_required] } - # todo: value type checker (through subtypes, check only if necessary) # #my msg "[my name] [my info class] validator=[my validator]" if {[my validator] ne ""} { @@ -514,6 +513,7 @@ javascript {height 350px} {style "width: 100%"} + {validator safe_html} } FormField::richtext instproc initialize {} { # Reclass the editor based on the attribute 'editor' if necessary @@ -538,6 +538,22 @@ next } } + FormField::richtext instproc check=safe_html {value} { + # don't check if the user has admin permissions on the package + if {[::xo::cc permission \ + -object_id [::xo::cc package_id] \ + -privilege admin \ + -party_id [::xo::cc user_id]]} { + set msg "" + } else { + set msg [ad_html_security_check $value] + } + if {$msg ne ""} { + my uplevel [list set errorMsg $msg] + return 0 + } + return 1 + } FormField::richtext instproc pretty_value {v} { # for richtext, perform minimal output escaping return [string map [list @ "@"] $v] @@ -747,6 +763,7 @@ Class FormField::mon -superclass FormField::select FormField::mon instproc initialize {} { set values [lang::message::lookup [my locale] acs-lang.localization-abmon] + if {[lang::util::translator_mode_p]} {set values [::xo::localize $values]} set last 0 foreach m {1 2 3 4 6 7 8 9 10 11 12} { lappend options [list [lindex $values $last] $m] @@ -764,6 +781,7 @@ Class FormField::month -superclass FormField::select FormField::month instproc initialize {} { set values [lang::message::lookup [my locale] acs-lang.localization-mon] + if {[lang::util::translator_mode_p]} {set values [::xo::localize $values]} set last 0 foreach m {1 2 3 4 6 7 8 9 10 11 12} { lappend options [list [lindex $values $last] $m]